Print Download PDF Send Feedback

Previous

Next

'fwaccel synatk' and 'fwaccel6 synatk'

Description

These commands control the Accelerated SYN Defender on the local Security Gateway, or Cluster Member.

Important - See sk120476 for information about the 'SYN Attack' protection in SmartConsole.

Syntax for IPv4

fwaccel synatk

-a

-c <options>

-d

-e

-g

-m

-t <options>

config

monitor <options>

state <options>

whitelist <options>

Syntax for IPv6

fwaccel6 synatk

-a

-c <options>

-d

-e

-g

-m

-t <options>

config

monitor <options>

state <options>

whitelist <options>

Parameters

Parameter

Description

No Parameters

Shows the applicable built-in usage.

-a

Applies the configuration from the default file.

-c <options>

Applies the configuration from the specified file.

-d

Disables the Accelerated SYN Defender on all interfaces.

-e

Enables the Accelerated SYN Defender on interfaces with topology "External".

Enables the Accelerated SYN Defender in Monitor (Detect only) mode on interfaces with topology "Internal".

-g

Enables the Accelerated SYN Defender on all interfaces.

-m

Enables the Accelerated SYN Defender in Monitor (Detect only) mode on all interfaces.

In this state, the Accelerated SYN Defender only sends a log when it recognizes a TCP SYN Flood attack.

-t <options>

Configures the threshold numbers of half-opened TCP connections that trigger the Accelerated SYN Defender.

config

Shows the current Accelerated SYN Defender configuration.

monitor <options>

Shows the Accelerated SYN Defender status.

state <options>

Controls the Accelerated SYN Defender states.

whitelist <options>

Controls the Accelerated SYN Defender whitelist.